1. Field of the Invention
Aspects of this invention relate generally to digital security, and more particularly to a system and method for verifying the identity of an Internet user.
2. Description of Related Art
By way of some background, in the emerging global economy, e-commerce has increasingly become a necessary component of business strategy and a strong catalyst for economic development. Not only has it allowed consumers to locate and purchase virtually any good or service imaginable, regardless of their geographic locations, but it has also decreased the overhead for many businesses, as having a traditional “brick and mortar” establishment is no longer required. In other words, e-commerce has significantly impacted the simplicity of exchanging money for goods and/or services. When it comes to online transactions via the Internet, companies have historically had no choice but to rely upon the accuracy of the information provided to them by consumers. Given the relative anonymity that is afforded by the Internet, along with the relative ease with which one may create a fake persona (including a fake email address), this has proven to be a fundamental flaw in the security of the Internet that is being exploited by identity thieves countless times every day. This weakness enables criminals to use stolen credit card numbers to purchase products from online retailers, apply for new credit cards and loans in someone else's name, and redirect another person's sensitive financial information to themselves. These security flaws arise primarily because confirmations, receipts, and notices are sent to the fake email address provided by whomever initiates a given transaction, rather than the email address of the person who's information is being fraudulently used. The actual consumer remains unaware that he or she has been victimized until long after the fact.
In addition to the above e-commerce issues, online predators and cyber-stalkers also use fake email addresses as a mask to cover their true identities. Cloaked in anonymity, they are able to register on dating and social media websites in order to locate their victims and perpetrate serious crimes, including murder and rape. Website owners have found themselves embroiled in lawsuits brought against them by victims and their families for failing to do more to protect their members.
Additionally, government agencies impose a wide range of regulatory obligations various industries to help ensure privacy and security of sensitive information, among other things. The relative ease with which fraudsters and online predators are able to manipulate the system through the establishment of fake email addresses also greatly increases the difficulty and expense of compliance with these regulations. A wide range of industries are affected by such regulations. For example, banks and financial institutions are required to comply with numerous due diligence requirements imposed by U.S. and international “know your customer” laws, the U.S. Patriot Act, and other regulations designed to protect banks from being used by criminal enterprises for money laundering activities. The privacy rules under the federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) requires health care providers to undertake a series of administrative, physical, and technical safeguards for covered entities to assure the confidentiality, integrity, and availability of sensitive electronic health information. In law firms, communications between attorneys and their clients are subject to legal privilege and must be held in strict confidence. An accidental disclosure of that information can subject attorneys to severe disciplinary sanctions. Operators of websites that cater to children are required to comply with the Children's Online Privacy Protection Act of 1998 (“COPPA”) which, among other things, requires them to obtain verifiable parental consent before processing a child's registration. Until now, the only choice available to website owners to comply with this aspect of COPPA was to send an email to the address provided to them on the registration form. Children often “game the system” by establishing a fake email address through which to confirm that consent.
Furthermore, As of Sep. 30, 2012, the Internal Revenue Service (“IRS”) had almost 650,000 identity theft cases in inventory. The victims of tax-related identity theft suffer extraordinary inconveniences and, in many cases, hardships. In general, more than 75 percent of U.S. taxpayers receive refunds, with the amounts averaging roughly $3,000. Identity theft victims are generally unable to receive their significant and sometimes urgently needed tax refunds until the IRS resolves their cases, which is now taking upwards of six months or longer.
Thus, there remains a need for a way to better prevent such fraudulent online activities. Aspects of the present invention fulfill these needs and provide further related advantages as described in the following summary.